Lucene search
K

397 matches found

Patchstack
Patchstack
added 2024/10/25 12:0 a.m.12 views

WordPress GRÜN spendino Spendenformular Plugin <= 1.0.1 is vulnerable to Privilege Escalation

Software GRÜN spendino Spendenformular Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-50476 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 6ea142807fb0...

9.8CVSS6.5AI score0.01219EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.26 views

WordPress Acnoo Flutter API Plugin <= 1.0.5 is vulnerable to Privilege Escalation

Software Acnoo Flutter API Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-50486 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 69fb59b59cf8 Credits...

9.8CVSS6.8AI score0.00525EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.26 views

WordPress Plugin Propagator Plugin <= 0.1 is vulnerable to Arbitrary File Upload

Software Plugin Propagator Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50495 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 8034c466a94c Credits stealthcopter Required privilege...

10CVSS7.2AI score0.00501EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.10 views

WordPress Extensions by HocWP Team Plugin <= 0.2.3.2 is vulnerable to Broken Authentication

Software Extensions by HocWP Team Type Plugin Vulnerable versions = 0.2.3.2 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9930 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 7d51f78c234b Credit...

9.8CVSS6.5AI score0.00543EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.20 views

WordPress wpDiscuz Plugin <= 7.6.24 is vulnerable to Broken Authentication

Software wpDiscuz Type Plugin Vulnerable versions = 7.6.24 Fixed in 7.6.25 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9488 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID c3cf059c4b56 Credits wesley wcraf...

9.8CVSS6.5AI score0.0081EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.9 views

WordPress Clean Retina Theme <= 3.0.6 is vulnerable to Local File Inclusion

Software Clean Retina Type Theme Vulnerable versions = 3.0.6 Fixed in 3.0.7 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-50436 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID e56d05b5bd53 Credits tahu.datar Required privilege Unauthenticate...

7.5CVSS6.8AI score0.00456EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.10 views

WordPress Meta News Theme <= 1.1.7 is vulnerable to Local File Inclusion

Software Meta News Type Theme Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-50435 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID d90fa015825d Credits tahu.datar Required privilege Unauthenticated...

7.5CVSS6.8AI score0.00456EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.13 views

WordPress NewsCard Theme <= 1.3 is vulnerable to Local File Inclusion

Software NewsCard Type Theme Vulnerable versions = 1.3 Fixed in 1.4 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-50434 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID ddf0621fd895 Credits tahu.datar Required privilege Unauthenticated...

7.5CVSS6.8AI score0.00443EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.13 views

WordPress Verbalize WP Plugin <= 1.0 is vulnerable to Arbitrary File Upload

Software Verbalize WP Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49668 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 5d5cf04a7cde Credits stealthcopter Required privilege Unauthenticate...

10CVSS6.8AI score0.01457EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.8 views

WordPress AI Image Generator for Your Content & Featured Images – AI Postpix Plugin <= 1.1.8 is vulnerable to Arbitrary File Upload

Software AI Image Generator for Your Content & Featured Images – AI Postpix Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2024-49671 Patch priority High CVSS severity High 9.9 Developer Claim ownership...

9.9CVSS6.5AI score0.00508EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.10 views

WordPress Woocommerce Custom Profile Picture Plugin <= 1.0 is vulnerable to Arbitrary File Upload

Software Woocommerce Custom Profile Picture Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49658 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID a92aac6ed113 Credits stealthcopter Required...

9.9CVSS6.8AI score0.00537EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/21 12:0 a.m.20 views

WordPress 3D Work In Progress Plugin <= 1.0.3 is vulnerable to Arbitrary File Deletion

Software 3D Work In Progress Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Deletion CVE CVE-2024-49657 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID 209728d5f5a9 Credits stealthcopter Required privilege...

7.7CVSS6.8AI score0.00387EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.10 views

WordPress Advanced Advertising System Plugin <= 1.3.1 is vulnerable to PHP Object Injection

Software Advanced Advertising System Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-49624 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 02d433e2c1ec Credits Mika Required privilege...

9.8CVSS6.9AI score0.00538EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.13 views

WordPress SW Contact Form Plugin <= 1.0 is vulnerable to SQL Injection

Software SW Contact Form Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49612 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 50cfc368b184 Credits João Pedro S Alcântara Kinorth Required privilege...

8.8CVSS8.8AI score0.00432EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.10 views

WordPress Duplicate Title Validate Plugin <= 1.0 is vulnerable to SQL Injection

Software Duplicate Title Validate Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49623 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 62fe8295ce3c Credits Muhamad Agil Fachrian Required privilege...

8.8CVSS6.9AI score0.00433EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.20 views

WordPress Author Discussion Plugin <= 0.2.2 is vulnerable to SQL Injection

Software Author Discussion Type Plugin Vulnerable versions = 0.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49609 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 126e44ab20dc Credits João Pedro S Alcântara Kinorth Required privile...

8.8CVSS8.8AI score0.00432EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.13 views

WordPress Kento Post View Counter Plugin <= 2.8 is vulnerable to SQL Injection

Software Kento Post View Counter Type Plugin Vulnerable versions = 2.8 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2016-15040 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID ec30554661e3 Credits WordFence Required privilege Unauthenticate...

9.8CVSS6.9AI score0.0053EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/16 12:0 a.m.20 views

WordPress Timetics Plugin <= 1.0.25 is vulnerable to Privilege Escalation

Software Timetics Type Plugin Vulnerable versions = 1.0.25 Fixed in 1.0.26 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-9263 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 9e7b0505f08b Credits wesley wcraft Required privilege...

9.8CVSS6.5AI score0.01146EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.12 views

WordPress File Manager Pro Plugin <= 8.3.9 is vulnerable to Broken Access Control

Software File Manager Pro Type Plugin Vulnerable versions = 8.3.9 Fixed in 8.3.10 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8746 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 037debfe30cc Credits TANG Cheuk Hei siunam...

8.8CVSS6.8AI score0.00594EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.10 views

WordPress SSV MailChimp Plugin <= 3.1.5 is vulnerable to Local File Inclusion

Software SSV MailChimp Type Plugin Vulnerable versions = 3.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-49285 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 383b9dc2b560 Credits tahu.datar Required privilege Unauthenticate...

7.5CVSS6.8AI score0.0051EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder